- From: <bugzilla@wiggum.w3.org>
- Date: Tue, 24 Feb 2009 05:11:50 +0000
- To: public-html-bugzilla@w3.org
http://www.w3.org/Bugs/Public/show_bug.cgi?id=6606 --- Comment #2 from Nick Levinson <Nick_Levinson@yahoo.com> 2009-02-24 05:11:50 --- Your blog article is thoughtful. But: I hope we're not debating whether property rights should exist. You may certainly interpret my creation but you can't change it and claim that's my interpretation. The insertion of dotted underlines and double underlines is not by the site owner. Most people don't know the difference in meaning between single- and double-underscores or solid and dotted, and they reasonably assume the website owner inserted both kinds for the same purpose. It's bad enough that I, as a site owner, must take the affirmative step of blocking them, and worse that I have to do so on every page and not just once site-wide. It's even worse if I'm not allowed to block at all. The alternative of no one both owning and controlling a website is not feasible in today's world. When I see a major Linux website with a popup ad for SCO Unix, if I didn't know how that happened I'd be right to question the legitimacy of that entire Linux site and all its content. Owners do have a right to control how anyone's user agent presents the owner's page, to the extent that if the browser is standards-compliant and the site owner has access to those standards they may design accordingly and, unless the end user opts to make changes to the browser, the site owner may expect the presentation to come within a reasonable range of expectations. That's why Microsoft's permission is needed before an intermediary (other than a foreign national government) may alter the results the Microsoft MSN search engine gives users and claim it's what Microsoft supplied. Otherwise, imagine if someone, say, Microsoft or some child, could use browsers worldwide to alter a Saudi or Venezuelan national website's presentation to appear to give away all their oil. Browser owners and sellers have more than a social responsibility of nondeception; it's a legal duty if they offer faithful presentation but go way off course. If a browser supplier offers HTML standards compliance, what's needed is a standard that assures that the viewing experience will, within reason, conform to the page author's intent. In the U.S., warranties of merchantibility, fitness for use, and acceptability don't even have to be stated in product literature because they're embodied in law and they apply even if a browser's lit doesn't mention HTML per se. Since Windows is sold with the browser included as an inducement to buy, the same warranties would likely require something like HTML compliance for Win. When computers are sold with Win as an inducement to buy, the same principle applies to the computer as a whole with Win and IE. And if Microsoft or a competitor wants to announce that they'll no longer support HTML, which they can, without a replacement feature their business would likely plummet. So, while not ironclad, HTML is part of the law governing browsers. Providers like Google and Microsoft are not utilities entitled to monopolize under U.S. law so as to justify regulating their services more closely. Thus, if the user-agent link-adding is lawful, they may carry advertisements on these services and that's not generally anticompetitive. Thus, it makes sense for a business to block a competitor's ads from appearing as if from the first business's website. But without information on who is advertising when, they need to be able to block all such activity. If I want to read an article in a major magazine, I may get the magazine in hard copy or find an online site from the magazine's publisher. I may also go to a third-party provider of magazine articles, such as EbscoHost, ProQuest, or Nexis. We do not expect them to rewrite the articles (although they may if, say, an original publisher was sued for libel and saw fit to order changes by all reproducers, not to mention errors due to optical scanning of text (OCR)). In general, they don't modify them and that fits our use expectations. That kind of expectation applies to most Web content as seen in our browsers. Framing is a technology that presents a similar problem. While one author's frame around another author's work may be clear as to distinction of content ownership, it may be not at all clear, and a frame may even have no visual border at all. U.S. laws such as that against unfair competition and misrepresentation provide some protection, but the shortage of protection is why some sites use legal terms to forbid framing, probably not very successfully. However, the problem count is smaller since, to my knowledge, framing isn't done by user agents but by single sites. Browsers and toolbars raise the scale and the need. On HTML's role in security attacks via the mark tag, you're probably right, but I'll get a bit technically legal here in support of a small rewording: HTML5's role in a security breech would come if it grants permission to system designers, as I saw in this statement: "Another example of the mark element is highlighting parts of a document that are matching some search string. If someone looked at a document, and the server knew that the user was searching for the word 'kitten', then the server might return the document with one paragraph modified as follows: . . . . <mark>kitten</mark> . . . ." Section 4.6.7. That looks like permission for the server to interject markup into a byte stream. Given that many people in large organizations view outside websites in a way that involves at least two servers per visit, one hosting and others not, the section seems to be permission for any nonhost server to sell advertising or comment on content as if it's the author's commentary. Thus, the security breech would be furthered by HTML as permission. However, as I didn't find any reference in the document to any server that wasn't acting on a served document somehow as authorized, e.g., by checking a certificate, if you're right that the intent was not as I feared, then we should propose rewording the HTML standard before finalization so only the site owner's server might mark the string if nonowners are to be conformant. I'm not an attorney and laws vary by nation and circumstance, but if you believe there's any error in the above please let us know. That some services come with conditions that are user-approved is legally true but not with users' knowledge in most cases. People rarely read terms of service. Intelligent people rarely read them. Lawyers rarely read them. They rarely read them even when installation cannot proceed until an option to agree has been clicked on and probably even if scrolling to the end of the terms is prerequisite. (I wonder if most computer geeks read them.) I read or skim them but many people consider me weird, strange, eccentric, etc. Who has liability (quality of notice is a little-discussed legal issue in U.S. law) is one question. Whether the user has actual knowledge and not just a duty to know is another question. Because of the huge numbers of users involved and their reliance on what they find on the Internet, I think we should be on the side of recognizing that the lack of actual knowledge on the part of most users, including intelligent users, should lead us to be cautious on how legal rights of other parties should be handled. Institutional intermediaries present another problem. A public library offers computers requiring little more than a library card for access (a library card in my city requires little more than a piece of mail as proof of residence). Recently, a major library disabled access to ads appearing on certain sites. I could still access my email account but ads sent by other servers to the email inbox were blocked. A staff aide said the library did the blocking. I do recall a user not knowing that a banner graphic was an ad. (Yahoo seems to have made distinguishing top-of-page sponsored links from search results more subtle.) In short, many people use computers under other parties' control and don't know that content may be changed. They think they're seeing the Internet and assurance should be provided that they're likely seeing what the page authors intended unless the user has taken extra steps to diverge, as a disabled user might when wanting high-contrast layouts. Natural-language translation services I've seen generally effectively use an opt-in system. Links being graphically different according to function is inadequate when many sites make their links graphically different for no reason other than aesthetics, thus effectively teaching users that links being graphically different has no meaning, or, more realistically, that it often has no meaning, when the thing over there is just a link. That occurs not only on leading-edge designs with few non-specialist visitors but also on major high-traffic high-visitor-count high-amateur-visitor-count corporate sites. That occurs despite usability advice to use standard looks for links. It occurs often. I develop on Win9x partly because I'm a cheapskate (and they're licensed) but also because anything developed on older versions is likely to work on newer, unlike the inverse, and I've tested already-uploaded websites at public terminals with newer Win. Wine is in a cat-and-mouse game with Microsoft and MS is pretty well able to keep its quarry in a mousehole just by staying ahead on specs without telling the Wine programmers, who must keep looking at the latest MS versions and thus can't spend as much time fine-tuning compatibility with older versions. I wish otherwise. Open source is better quality. MS has the right to be proprietary and could outperform OSS if MS put its managerial mind to it, but they're too busy trying, inter alia, to hijack our content, thus the request for a means to block Activities or whatever they want to call them next. I noticed that the instruction offered by MS on their website on how to block Smart Tags was apparently no longer on their website, but only on third-party websites. While MS has a rational reason for its removal, namely that it was relevant only to a beta release and they don't support beta releases after their time has passed, they should have left it up and should assure similar tools for future technologies will be provided from the beginning. I'm perfectly capable of creating an ordinary link from a book title on my own site to a bookstore's online offer, or from an address to a map. If I don't serve my visitors very well, I risk losing my visitors. That risk should be left to me, as the site owner. I do not care for Microsoft's paternalism. -- Nick -- Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug.
Received on Tuesday, 24 February 2009 05:11:59 UTC